Secure ECommerce INFT 4005' Course ID 13673

1
Secure E-CommerceINFT 4005. Course ID 13673
2
Secure E-Commerce

• One two-hour lecture per week
• One one-hour workshop/tutorial per week( No
  workshop/tutorial in week 1)
• Assessment
• Assignments 40. One programming, one technical
  report.
• Exam 50. 3 hours open book. (min 40 accepted)
• Class participation 10
• You must achieve at least 45 in the exam
  component as well as a pass mark overall to pass
  this course.
• PrerequisitesSecure and High Integrity
  Systems,Objects and Algorithms or an
  equivalent CIS course.

3
Secure E-Commerce

• E-Commerce
• Scope , attacks, security issues, problems and
  solutions
• Cryptography
• Applied to data confidentiality, integrity,
  authentication and non-repudiation.
• Secret Key algorithms History and current usage,
  standards. Features and weaknesses
• Key Distribution problem
• Public Key algorithmsCertificates, Certifying
  authorities, Digital signatures,
• Public Key Infrastructure
• Secure protocols SSL, iPSec
• Security hardware
• Smart cards, biometrics
• Applications

4
Network Security Mechanisms

• Cryptography
• A brief history
• Kerckhoffs Principle
• Secret and Public Key
• Cryptographic Hash algorithms for data integrity
• Digital signatures
• DES, AES, RSA, Elliptic Curve Cryptography.

5
Network Security Protocols

• For reliable and confidential communication
• Preventing eavesdroppers
• Preventing man-in-the middle attacks
• Reliably identifying communicating parties
• Secure login
• Protocols used by various Crypto-primitiveseg.
  IPSec, SSL, Kerberos

6
Public Key Infrastructure (PKI)

• For authenticated distribution of public keys
• Depends on a trusted Certification Authority
  which attests to the identity of some party and
  issues PKI digital certificates.
• Uses Public Key Cryptography and Digital
  Signatures

7
Security Hardware

• Tamper-resistant processors for storing and
  handling data such as private keys.
• Smart cards. Especially those which include
  cryptographic ability to more reliably identify
  an individual.
• Biometric interfaces for authentication.
• Fingerprint
• Face recognition

8
Digital Payments

• Digital cash, (Typically anonymous )
• Digital cheques
• Cash cards
• Payment technologies ( for Internet auction and
  other payments )

9
Week 1

• Survey of E-Commerce
• The scope of E-Commerce
• Threats
• Attacks
• Adverseries
• The scope of the problem
• (Reading. Secrets and Lies by Bruce Schneier.
  Ch 2,3, 4, available on website.)

10
E-Commerce

• The E in E-Commerce stands for Electronic.So
  E-Commerce (EC) strictly includes any commercial
  activity conducted using electronic
  communication.
• Internet, email, networks, fax, telephone
• In this course we restrict ourselves to
  transactions conducted via the Internet and
  networks where data is transferred without the
  requirement for human interpretation, as in
  reading a fax or hearing a phone call.

11
Transactions

• Here we include any information exchange that is
• part of a commercial transaction.
• Financial transfers.
• Payments and receipts
• Placement and acknowledgement of orders
• Exchange of contracts and other legal documents
• Purchase of goods and services
• Auctions
• Banking
• Share trading
• Confidential information transfer

12
E-Government

• The term E-Commerce is also widened to include
• electronic transactions with and within
  Government agencies
• Taxation
• Legal
• Registration of Businesses, vehicles. . .
• Application for services
• Information and advice
• Statutory reporting
• National security / Military
• Inter-government, diplomacy, treaties, alliances
• Patents
• Freedom of Information
• Voting?

13
Transactions
Inter departmental, Legal, Military, Security
Taxation, Banking Registration, reporting
B2B
G2G
Business
Government
Orders, Payments, banking
B2G
Inter-Gov
C2G
B2C
Diplomatic, Espionage.
Taxation, Registration, Services, voting
Banking, Online sales
Private
C2C
Auctions
14
Technologies - hardware

• Desktop / laptop computers
• Routers, switches, gateways
• Servers, Web servers
• Mobile phones, PDAs
• Smart cards and their readers
• Credit cards
• ATMs
• EFTPOS
• Biometric scanners
• Next technology??

15
Technologies - Software

• Web browsers and Servers
• Operating Systems
• Virus checkers and cleaners
• Email
• Web services
• Web agents
• Custom applications often built on J2EE, .NET or
  Corba

16
Computer System Security

• For servers, desktop computers and network
• infrastructure devices.
• Must be physically secured. Access to authorised
  operators only.
• Backup tapes or servers are securely located
  offsite.
• Must have appropriate network isolation in place
• Have appropriate login and password
  authentication.
• Control access to sensitive data to specific
  users
• Must have security policies in place and being
  followed. Policies must include regular auditing
  

17
Server and Desktop security

• Server security to ensure
• Stored data not read, copied or altered.
• Websites are secured from defacement.
• System availability and performance maintained.
• Desktop security to ensure
• Viruses, worms and other malware does not send
  private information (Trojan horse) or result in
  denial of service.
• No Backdoor software on the desktop which
  allows access to hackers or allows your machine
  and its identity to be used in attacks on other
  systems.

18
E-Commerce vs Other-Commerce

• All forms of commerce require the same basic
  security. ( Trust )
• E-Commerce brings with it a huge change in the
  potential for fraud.
• It is fast. Computers can perform large numbers
  of tedious small fraudulent transactions that
  would not be worth the effort by hand.
• It is international. Commercial law is most
  developed for transactions in a single
  jurisdiction. Laws have not been able to keep up
  with the new situations that are arising. Fraud
  conducted remotely may not be able to be
  prosecuted.
• It has a long reach. Web based commerce has the
  whole e-world as potential customers and it has
  all the worlds e-criminals as threats
• Anonymity and disguise is easier to maintain in
  cyberspace. Humans have a well developed skill
  for reading subtle signs in interpersonal
  transactions that warn us when a deal may be
  fraudulent. This is not present in E-Commerce.

19
Security flaws may kill E-Commerce

• Unless participants can have justified confidence
  in their E-Transaction, they will revert to,
  Tried and Trusted ways of doing business.
• Phishing, attempts to fool Electronic Banking
  users to reveal their login codes. Concern
  amongst the public is limiting the take up of
  Electronic Banking.
• If personal E-Fraud experiences are infrequent
  and relatively insignificant then users will live
  with it (like a host and a parasite).
• If E-Fraud is too evident users will turn away
  from E-Commerce (A too aggressive parasite will
  kill the host)
• http//www.fraud.org/2004-internet20scams.pdf

20
E-Commerce fraud

• The extent of E-Commerce fraud is difficult to
  quantify. Estimates
• vary widely. KPMG estimates only one third of
  Australian cases get
• reported.
• Gartner group forecast B2B and B2C combined
  US2.6 Trillion for
• European Union in 2004.
• eMarketer estimates US1.4Billion cost of
  Identity theft in US for 2002.
• IFCC. Internet Fraud Complaint Center (US
  Govt). Only reported complaints are counted.
  Alerts on current scams
• http//www.ifccfbi.gov/strategy/pressroom.asp
• E-Con, a joint operation by the US Dept Justice,
  FBI, Postal Service and Secret Service uncovered
  US176 million in E-Commerce fraud in the first
  half of 2003
• http//www.ifccfbi.gov/strategy/ifcc-econbrief.pdf
  
• Australia ranks third in the world for Internet
  fraud
• http//www.smh.com.au/articles/2003/04/13/10501724
  76237.html

21
Security Threats

• Theft or copying of Credit cards, Results in
  financial loss to valid owner or any vendors who
  conclude transactions (Legal protection may
  divert loss to others)Visa report Credit Card
  crime at 32 billion
• http//www.computeruser.com/news/99/12/17/news7.ht
  ml
• Impersonation of customer - Identity theft
  Merchant deals with a fictitious customer,
  contract obligations fall on non-existent person
  or costs directed to another customer. Auction
  example.
• Impersonation of serverThe customer concludes
  transaction with a different vendor to the one
  indicated. Vendor loses business, customers and
  reputation. Criminals obtain customer login
  details.
• RepudiationCustomer denies existence, quantity,
  validity or price of an order. Having placed an
  order a customer may find a better deal elsewhere
  and attempt to deny the order is valid.

22
Threats (2)

• Denial of serviceCompetitor may seek to disable
  operations of an opponent, or maybe simple
  vandalism related to personality deficiency of
  attacker. May extort money to re-establish
  service.
• Web site defacing, attempts to attack the
  reputation of site owner or impede a web based
  business, or simple vandalism similar to
  grafitti.
• Breach of confidentialityAn intruder may gain
  access to private information, either in storage
  or in transmission. This information may reveal
  trade secrets, military secrets, weaknesses,
  business plans and so impose a disadvantage on
  the attacked party and give an advantage to the
  attacker.
• Loss of IntegrityAn attacker may interfere with
  the contents of a transaction and so disrupt the
  attacked partys operations

23
Adversaries
24
Real Examples
25
Another example
This is much more sophisticated, with several
pages of security advice. But it still asks the
user to log in.
26
Example

• You log on to the Amazon.com web site to buy a
  book.
• How secret are the details you send to the Amazon
  server? Do you want others to know the types of
  books you buy?
• How does Amazon know it is YOU placing the order?
• How do you know you are talking to Amazons
  server and not one set up by a criminal to get
  your credit card details?
• How can you be sure no one changes the delivery
  address and steals your book?
• Are your personal details stored on Amazons
  server safe from outsiders reading or altering
  them?

27
Example (continued)

• Can an Amazon competitor or a sacked employee
  bring down the server or delete data?
• Are Amazons web pages safe from defacement or
  alteration (eg. Increasing the price of a popular
  book)?
• Can someone prevent Amazons server from
  accessing the network?
• Can a competitor steal orders by mimicking the
  Amazon site?
• Can Amazon send and demand payment for books you
  never ordered?
• Is software on your desktop capturing keystrokes
  and sending them off to another server?
• Is your computer being used by an attacker to
  commit crimes on other computers?

28
Goals for Secure Transactions

• The four goals for secure transactions are. . .
• Confidentiality ( privacy, secrecy ) of data. No
  unauthorised person has been able to read the
  data.
• Integrity of data. The data is correct and has
  not been tampered with by an attacker
• Authentication. The data has been sent by the
  person indicated and not by an attacker in
  disguise. Alternatively, the server being
  accessed is what it purports to be and not a
  façade set up to obtain your login details
• Non-repudiation. The data integrity is intact and
  its source has been authenticated. So its
  validity cannot be denied. A requirement of
  Commerce.

29
Paper Commerce

• The same 4 issues have existed traditional
  commerce.
• Secrecy and Integrity assured by use of
  registered mail, encryption, private couriers.
• Authentication. Face to face meetings,
  signatures, Notarized documents.
• Non-repudiation. Signatures, witnesses, Physical
  evidence of tampering with paper documents
• In this course we concentrate on Network
  Security. Server and desktop security is covered
  in Secure and High Integrity Systems.

30
Confidentiality

• A customer want credit card details and E-Banking
  logon details kept private.
• Businesses want product plans and marketing data
  and propriety information kept secret from their
  competitors. (Recipe for Coca Cola)
• Governments want economic and military planning
  kept secret.
• Individuals want personal and medical information
  about themselves kept private

31
Authentication

• Are you sure about the person you are dealing
  with.
• How can they prove they are who they say.
• We recognise faces, believe identity cards,
  accept paper money if it looks and feels alright.
• The anonymity of cyber-space makes it easy to lie
  about your identity.
• Do we accept someone if a trusted third party
  vouches for them?

32
Integrity

• Is the message we receive the same as the one
  that was sent?
• Could a man-in-the middle have intercepted the
  original message, changed it to his advantage,
  then forwarded it to the intended recipient?
• For example, altering the performance figures of
  a company to increase its share price.

33
Non-Repudiation

• Repudiation is the ability to successfully deny a
  message either
• Came from you or was received by you
• Or
• Contains the original content
• For example. A buyer may place an order from a
  supplier and receive the items. He may then find
  a cheaper supplier and attempt to deny he placed
  the original order.
• Non-repudiation proves message is authentic.

34
Cryptography as part of the solution

• Use of cryptography can provide security in the
  four areas of concern.
• Encrypted messages provide confidentiality
• Cryptographic hash functions used in digital
  signatures enhance integrity and authentication.
• Digital signatures also prevent repudiation of
  messages.

35
Security management

• The strongest cryptographic systems are weakened
  by poor implementation and management. (The human
  factor)
• Trusted individuals can commit E-Crimes using the
  privilege of their positions. ( IT Security
  specialists can also be criminals)
• Sloppy or lazy operators can make secure systems
  vulnerable to cryptanalysis by poor selection of
  keys, repetition of messages, predictable
  content.
• Low tech attacks can be the hardest to
  preventeg. Denial of service attack on a
  competitor by burning down his computer centre.